Hot Topics

code tampering

Software Supply Chain Security Deconstructed

| | Application Security, Application security posture management, ASPM, Blog, code tampering, software supply chain security, SWSC
In the last several years, software supply chain security has become a critical focus for organizations worldwide.  While the SolarWinds software supply chain attack in 2020 and the Kaseya ransomware attacks in ...
Cycode

Three Lessons from the Ledger Connect Kit Supply Chain Attack

| | Application Security, Application security posture management, Blog, code tampering, Hardening SDLC, SCA, software supply chain security
On December 14, 2023, the crypto community held its breath as news of a critical compromise involving the Ledger Connect Kit, a vital software component connecting hardware wallets to dApps, hit the ...
Cycode
Google SLSA framework showing software lifecycle stages.

Mastering SDLC Security: Best Practices, DevSecOps, and Threat Modeling

| | Application Security, Application security posture management, ASPM, Blog, Code Leakage, code tampering, Compliance Frameworks, NIST SSDF, SLSA, software supply chain security
In the ever-evolving landscape of software development, it’s become absolutely paramount to ensure robust security measures throughout the Software Development Lifecycle (SDLC). Need proof? In the last three years alone, we’ve witnessed ...
Cycode
(More) Common Security Mistakes when Developing Swift Apps – Part II

(More) Common Security Mistakes when Developing Swift Apps – Part II

| | binary patching, Blog, code tampering, Cycript, dynamic memory modification, Extraneous Functionality, Frida, Insecure Communication, Insecure Direct Object References, local resource modification, method hooking, method swizzling, mobile banking, Mobile Security, OWASP Mobile Security Testing Guide, Reverse Engineering iOS Apps, SWIFT, Technical Blog
In my post last week I shared common security mistakes developers make when building Swift applications – covering insecure data storage, symmetric key algorithms, insecure communication and more. If you haven’t read ...
Blog – Checkmarx